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Reaching  the  Goal  -  Build  the  Net 


Spiraling  Information  Demands -The  Way  Ahead  With  IPv6 

Kristopher  L.  Strance 
Office  of  Assistant  Secretary  of  Defense 

The  achievement  of  Net-Centric  Operations  and  Warfare  (NCOW),  envisioned  as  the  Global  Information  Grid  (GIG)  of 
inter-networked  sensors,  pla  forms,  facilities,  people,  and  information,  depends  on  effective  implementation  of  Internet  Protocol 
l  'ersion  6  (IPv6)  in  concert  with  other  aspects  of  the  GIG  architecture. 

—  Department  of  Defense  Chief  Information  Officer  (DoD  CIO)  Memorandum,  June  2003 


I  IPv6  is  the  next-generation  network 
layer  protocol  for  the  Internet  and  the 
DoD  GIG. 

The  current  version  of  IP,  IPv4,  was 
developed  in  the  1970s  and  is  the  basis 
of  interoperability  for  today’s  Internet 
and  many  DoD  networks.  However, 
IPv4  has  limitations  that  inhibit  the  end- 
to-end  paradigm  of  the  Internet  and 
achievement  of  the  DoD’s  vision  of  net- 
centric  operations. 

IPv6  has  been  under  development  by 
the  Internet  community  for  more  than  a 
decade  and  is  designed  to  overcome 
IPv4  limitations  by  greatly  expanding 
available  IP  address  space  and  integrat¬ 
ing  features  such  as  end-to-end  security, 
mobile  communications,  Quality  of 
Service  (QoS),  and  simplified  network 
management.  The  numerous  fixes  and 
extensions  implemented  to  overcome 
IPv4  limitations  often  have  increased 
network  complexity  and  slowed  network 
performance.  The  DoD  transition  to 
IPv6  will  add  functionality  and  reduce 
network  complexity. 

Why  Is  IPv6  Transition 
Important  to  the  DoD? 

The  DoD  seeks  to  build  a  more  agile, 
robust,  interoperable,  and  collaborative 
net-centric  environment  where  warfight¬ 
ers,  intelligence,  and  business  users  share 
information  on  a  secure,  dependable, 
and  global  network.  This  NCOW  net¬ 
work  will  enable  superior  decision-mak¬ 
ing  and  more  effective  military  opera¬ 
tions  through  network  ubiquity  and  seal- 
ability,  globally  routable  addresses,  net¬ 
work  support  of  QoS,  enhanced  plug- 
and-play/  mobility,  auto-configuration, 
improved  multicast,  end-to-end  security, 
and  improved  network  maintainability. 

In  the  GIG,  IP  is  the  common  net¬ 
work  protocol  that  allows  all  types  of 
data  to  move  seamlessly  on  the  GIG’s 
diverse  transport  layer  which  includes 
landline,  radio,  and  space-based  ele¬ 
ments.  Due  to  fundamental  limitations 
of  the  current  IPv4  protocol  for  the 
long-term  networking  requirements  of 


the  DoD  and  commercial  community, 
IPv6  is  a  critical  enabler  in  achieving  the 
DoD’s  vision  of  the  NCOW. 

Challenges  ofTransitioning 
to  IPv6 

The  DoD  strategy  for  transitioning  to 
IPv6  is  based  on  technology  refreshment 
of  the  DoD  Information  Technology 
(IT)  infrastructure.  This  poses  a  daunt¬ 
ing  challenge  since  this  infrastructure  is 
distributed  across  all  DoD  components, 
geographically  dispersed,  and  managed 
through  a  complex  and  interdependent 
mesh  of  DoD  programs  and  projects. 
The  IPv6  technologies  to  support  the 
operational  needs  of  this  varied  set  of 
users  are  still  being  developed,  especially 
with  respect  to  security  and  mobility. 
The  DoD  faces  specific  challenges  in  the 
following  four  categories: 

•  Prioritizing  IPv6  resources  by  DoD 
components. 

•  Training  experienced  IPv6  IT  staff  to 
support  testing,  operations,  and 
maintenance. 

•  Availability  of  IPv6  capable  products 
and  advanced  IPv6  features. 

•  Scheduling  dependencies  and  coordi¬ 
nating  DoD  networks. 

To  manage  the  security  challenges 
and  associated  risks,  the  DoD  has  estab¬ 
lished  a  set  of  milestone  objectives  to 
guide  the  development  of  information 
assurance  security  configurations  and 
allow  transition  to  occur  only  after 
understanding  the  vulnerabilities. 
Milestone  Objective  1  provides  DoD 
components  the  authority  to  operate  using 
IPv6  within  approved  isolated  network  domains 
(enclaves).  Milestone  Objective  2  pro¬ 
vides  authority  to  operate  using  IPv6  across 
cooperative  multi-domain  environments  (trans¬ 
port).  Milestone  Objective  3  will  be 
reached  when  Defense  Information  Systems 
Networks  and  DoD  components’  core  IP  infra¬ 
structures  are  capable  of  accepting,  routing, 
and  processing  IPv6  protocol  traffic  while  pro¬ 
viding  parity  to  IPv4. 

The  DoD  intends  to  manage  transi¬ 
tion  risks  in  the  areas  of  interoperability, 


performance,  and  security  by  a  measured 
and  controlled  approach  and  to  field 
IPv6  capabilities  using  pilot  implementa¬ 
tions  and  test  and  evaluation  activities. 
The  DoD  IPv6  Master  Test  Plan1  identi¬ 
fies  17  DoD  test  facilities  and  networks 
to  conduct  IPv6  test  and  evaluation.  One 
of  the  DoD  test  networks  is  the  Defense 
Research  and  Engineering  Network 
(DREN).  DREN  provided  an  early  DoD 
network  IPv6  pilot  implementation,  pri¬ 
marily  to  support  DoD  IPv6  research 
and  test  requirements.  Although  the 
DREN  only  partially  represented  the 
DoD’s  complex  networks,  valuable 
lessons  have  been  learned,  including  the 
following: 

•  IPv6  performance  was  approximately 
the  same  as  IPv4  on  various  stress 
tests. 

•  Using  defense-in-depth  concepts, 
IPv6  security  was  comparable  to 
IPv4  for  Wide  Area  Network  and  site 
protection. 

•  Training  requirements  were  minimal 
for  personnel  already  familiar  with 
IPv4. 

•  Most  equipment  at  the  sites  could  be 
upgraded  to  IPv6. 

More  work  is  required  in  test  and 
pilot  implementations.  However,  early 
DREN  efforts  and  results  provided  an 
optimistic  start. 

Way  Ahead 

The  DoD  embarked  on  the  journey  to 
IPv6  in  June  2003  when  the  DoD  CIO 
established  the  goal  to  transition  to  IPv6 
by  fiscal  year  2008.  We  have  further 
refined  the  goal  to  transition  our  core 
networks  to  provide  a  service  offering  of 
IPv6  by  that  date,  with  other  DoD  net¬ 
works,  infrastructures,  and  applications 
to  follow.  The  road  map  to  achieve  this 
goal  is  being  developed  now.  The 
Defense  Information  Systems  Agency 
(DISA)  has  developed,  and  is  now  exe¬ 
cuting,  IPv6  transition  plans  for  our  core 
enterprise  networks.  DISA  is  integrating 
the  IPv6  implementation  schedules  for 
other  DoD  component  core  networks 
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into  the  enterprise  networks  transition 
plans.  We  have  developed  a  DoD  IPv6 
master  test  plan  to  coordinate  all  IPv6 
related  testing  activities  across  the  DoD 
and  promote  efficient  use  of  DoD  test 
and  evaluation  resources.  The  DoD  has 
acquired  IPv6  address  space  and  is  devel¬ 
oping  a  DoD  IPv6  addressing  plan.  We 
recognize  that  DoD  IPv6  transition 
progress  depends,  to  a  great  degree,  on 
industry’s  transition  to  IPv6.  The  DoD 
continues  to  collaborate  with  industry 
standard’s  bodies  to  ensure  DoD 
requirements  are  reflected  in  evolving 
IPv6  standards. 

Effective  implementation  of  IPv6, 
through  synchronized  planning  and 
comprehensive  testing,  in  concert  with 
other  aspects  of  GIG  architecture  devel¬ 
opment,  will  enable  the  DoD  to  achieve 
the  net-centric  vision.  ♦ 

Note 

1.  Can  be  accessed  at  <https:/ /gesportal. 
dod.mil/ sites/JITCIPv6/ tewg/ default 
.aspx?RootFolder=%2fsites%2fJITCI 
Pv6%2ftewg%2fDocument%20Lib 
rary%2fl%2fJoint%20Staff%20IPv6 
%200perational%20Criteria&View= 
%7bA84A1771%2d0ACl%2d4003 
%2dB341%2dC6D8EF28FA40%7d>, 
but  a  DoD  Common  Access  Card  is 
required. 
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those  attributes  critical  to  die  realization 
of  interoperable  shared  services  through¬ 
out  the  DoD. 

Way  Ahead.  A  common  infrastructure 
enables  force  capabilities  to  be  readily  net¬ 
worked  in  support  of  joint  warfighting 
and  operations.  Interoperability  of  capa¬ 
bilities  is  improved  when  military  services, 
agencies,  and  mission  partners  create 
reusable  building  blocks  through  the  use  of 
services.  NCES  is  a  key  provider  of  build¬ 
ing  block  services  as  part  of  the  common 
infrastructure  to  be  leveraged  across  die 
DoD  and  its  mission  partners  in  the 
development  of  information  sharing 
capabilities. 

The  NCES  program  needs  to  continue 
working  collaboratively  with  die  DoD 
community  to  expedite  the  delivery  of  its 
common  infrastructure  services,  related 
standards,  and  guidance  for  using  its  ser¬ 
vices.  ♦ 
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